[TLS] Re: [Attested-tls] Re: Requesting feedback for expat BoF

2025-07-18 Thread Michael Richardson
requires. So yes, sometimes aCSR is not practical. They are not dependent nor mutually exclusive for the reasons you write in your email. -- Michael Richardson, Sandelman Software Works -= IPv6 IoT consulting =- *I*LIKE*TRAINS*

[TLS] IoT certificate profile vs TLS SNI and subjectAltName

2025-01-06 Thread Michael Richardson
KI, Matter, OPC-UA, EAP-TEAP-BRSKI, ...) to replace any IDevID with otherName:EUI64 identity with a proper name that would fit into SNI. 4. Find a sensible way to extend RFC6066 to accommodate other forms of SNI. There isn't an IANA registry for this.

[TLS] Re: [Pqc] QUIC, amplification and PQC message sizes (was: Bytes server -> client)

2024-11-11 Thread Michael Richardson
> It would be very nice to have PQC variants that fit inside that budget.

might it be worth doing a "legacy" crypto operation first, even if that is broken by a CRQC, if the time to break it is less than the RTT?

Re: [TLS] I-D Action: draft-ietf-tls-subcerts-10.txt

2021-03-22 Thread Michael Richardson
On 2021-01-24 6:03 p.m., internet-dra...@ietf.org wrote: Filename: draft-ietf-tls-subcerts-10.txt I was looking at the DT, wondering what's up, wondering if there was any implementation report in the document. (When can I use this?... ) I see in the DT that it is waiting for W

Re: [TLS] [Emu] Fwd: Benjamin Kaduk's Discuss on draft-ietf-emu-eap-tls13-13: (with DISCUSS and COMMENT)

2021-01-05 Thread Michael Richardson
above: "to the EAP-TLS layer that the EAP-TLS method has finished" so I still think that there might be a typo :-)

Re: [TLS] [Emu] Fwd: Benjamin Kaduk's Discuss on draft-ietf-emu-eap-tls13-13: (with DISCUSS and COMMENT)

2021-01-05 Thread Michael Richardson
Alan DeKok wrote:
> Therefore, we need an explicit signal to the EAP-TLS layer that the

Do you mean, "to the EAP layer"? s/EAP-TLS layer/EAP/ ??

> EAP-TLS method has finished.

Re: [TLS] [Last-Call] Iotdir last call review of draft-ietf-tls-md5-sha1-deprecate-04

2020-10-27 Thread Michael Richardson

Re: [TLS] [OPSAWG] CALL FOR ADOPTION: draft-reddy-opsawg-mud-tls

2020-09-19 Thread Michael Richardson
ber of cycles it is allowed to consume, otherwise the middle box might have to solve the halting problem :-) BPF could be another model.

Re: [TLS] [OPSAWG] CALL FOR ADOPTION: draft-reddy-opsawg-mud-tls

2020-09-18 Thread Michael Richardson
g one, but being an executable of a sort, it has other security problems.

Re: [TLS] [OPSAWG] CALL FOR ADOPTION: draft-reddy-opsawg-mud-tls

2020-09-10 Thread Michael Richardson
On 2020-09-02 11:05 a.m., Joe Clarke (jclarke) wrote: Hello, opsawg. This draft has undergone a number of revisions based on reviews and presentations at the last few IETF meetings. The authors feel they have addressed the issues and concerns from the WG in their latest posted -05 revision.

Re: [TLS] [Network-tokens] Network Tokens I-D and TLS / ESNI

2020-08-01 Thread Michael Richardson
headers get, and the news is probably better than people feared, if I understood correctly.

Re: [TLS] something something certificate --- boiling a small lake

2020-06-26 Thread Michael Richardson
1.3. If that's not a concern, then it makes the whole problem. I guess I misunderstood the discussion.

Re: [TLS] something something certificate --- boiling a small lake

2020-06-26 Thread Michael Richardson
Nico Williams wrote: > On Fri, Jun 19, 2020 at 12:50:17PM -0400, Michael Richardson wrote: >> Thus, a single header isn't enough, although there could be some degeneration >> that results in a single header. We need a few variables to update. >> &

Re: [TLS] something something certificate --- boiling a small lake

2020-06-25 Thread Michael Richardson
complexity would be in order to understand the ROI for this simplicity. I think that a key line is figuring out how/if the certificate chain will be provided with the simplest design.

[TLS] something something certificate --- boiling a small lake

2020-06-19 Thread Michael Richardson
e them wider. The hardware TLS offload box then is only important for adapting HTTP 1 and HTTP/2 connections to HTTP/3.

Re: [TLS] [saag] Lessons learned from TLS 1.0 and TLS 1.1 deprecation

2019-10-01 Thread Michael Richardson
ter, to log and report the proportion of TLS version that connect. How can the IETF help? *An IETF standard for logging TLS connection parameters would help here*

Re: [TLS] [saag] Lessons learned from TLS 1.0 and TLS 1.1 deprecation

2019-09-26 Thread Michael Richardson
spend more time addressing the issues that they have. We may not like their problems, we may even strongly disagree, but we have to keep them in the tent.

Re: [TLS] publishing ESNIKeys under a .well-known URI...

2019-06-26 Thread Michael Richardson
be able to update the QNAMEs involved, because that usually permits the web server to delete A and records, as well as updating the ESNI ? Or did you mean "general write-access", meaning NFS or something like that?

[TLS] sending full certificate chains in ClientCertificate

2017-10-24 Thread Michael Richardson
itted...) which as far as I can see, is permitted by tls1.3. Is there something I'm missing that would prevent us from doing this?